Wireless Network Services Made More Secure

Increasing cyber security threats and regulatory requirements have led the LBLnet team to add new defenses to the Lab's wireless networking facilities. They've stepped up protection, particularly against worms and viruses aimed at Windows systems on the wireless network.

"This policy change has no effect on typical wireless usage like web, email, ssh and Novell,” said Mark Dedlow of the Lab’s Computer Protection Program. “We believe the adverse impact on the Lab is minimal.”

Network traffic originating from the wireless network (lbnl.us) destined to lbl.gov on ports 135, 139, and 445 has been blocked in order to prevent the spread of various worms and viruses. A side effect is the disabling of access to Microsoft file and print servers (located on lbl.gov) from wireless systems. For example, if you have accessed Microsoft or Samba file servers from a wireless laptop in a conference room, you will no longer be able to do so directly. But there are a number of alternatives:

1) Plug in with wire. If you use wireless in your office where there is nearby network jack, simply connect to the jack instead.

2) Use virtual private network http://www-lblnet.lbl.gov/vpn.html (VPN). Configuring the LBNL-supported VPN software and connecting to LBLnet via the VPN will enable full lbl.gov network support when on wireless. (VPN is actually within lbl.gov, not on lbnl.us like non-VPN wireless systems.)

More details on recent wireless security changes are available online.

Questions or comments? Send an email.